Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: fLAygzbnGBMpxMERMYQM7TGv6anRSD2HKqFqon4Vwrg=
Subject key identifier: E6:86:85:EB:26:D8:C5:C5:BA:A7:F0:7E:DB:7C:69:EA:96:2E:84:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B8286B30EF1A09369C19E5237AF154D8271F680
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Mon 02 Oct 2023 00:00:00 +0000
ROA not before: Mon 02 Oct 2023 00:00:00 +0000
ROA not after: Mon 06 Nov 2023 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.crl
rsync://rpki.ripe.net/repository/aca/Kn3R14fXk-TIr1bhl9Tu2Sr2uhM.mft
rsync://rpki.ripe.net/repository/2a7dd1d787d793e4c8af56e197d4eed92af6ba13.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Oct 2023 14:35:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:82:86:b3:0e:f1:a0:93:69:c1:9e:52:37:af:15:4d:82:71:f6:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 2 00:00:00 2023 GMT
Not After : Nov 6 23:59:59 2023 GMT
Subject: serialNumber=c10d779e9d5c4898ef3a2357e7bcfe1beb00f24c68f556537feba077dc7beb85, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:64:30:c5:90:e1:36:42:77:96:7b:bd:5e:d6:
66:c2:7f:55:3d:7c:e5:72:c8:6e:60:ab:85:10:58:
eb:23:2c:bb:dd:15:85:11:e0:78:22:d9:e0:b9:d4:
6c:77:20:e5:0d:0d:44:3d:72:24:ca:0b:41:77:d2:
33:cb:7e:73:bc:9e:7a:e2:b9:35:83:e4:96:4d:46:
15:e9:72:8f:93:93:37:37:7e:66:dd:c4:83:f4:68:
a6:81:28:03:b4:d9:d8:99:67:8f:bf:49:b5:a2:59:
f2:12:df:81:88:58:8e:46:30:c9:87:b1:de:01:ee:
e0:77:c0:9c:ee:23:ea:09:b1:2d:a8:b3:8c:e7:17:
59:05:4e:94:31:0f:6c:d7:dc:8c:e6:64:74:4d:5a:
a8:c7:90:ba:c0:4f:5e:ca:c1:66:7d:60:25:99:3f:
2b:01:14:e3:fe:fd:85:9b:78:db:8f:09:32:3e:c0:
d2:8b:56:64:69:21:4a:57:bb:02:30:31:15:48:2f:
4a:e5:d4:1b:d6:94:e1:f8:7a:b9:36:16:44:df:57:
cc:7b:54:e6:d2:2c:38:64:3c:36:ec:e6:70:07:f9:
ac:7a:70:8a:09:cb:24:92:cc:5d:52:70:f4:a2:be:
9c:8a:0b:45:04:ee:64:b4:11:a1:03:ca:e9:d7:1b:
91:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:86:85:EB:26:D8:C5:C5:BA:A7:F0:7E:DB:7C:69:EA:96:2E:84:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
d7:22:71:0e:b4:9a:d3:e7:93:89:e5:f6:41:4e:c6:ed:aa:da:
62:a1:3e:d7:9e:8b:15:1b:5f:cf:1b:9b:55:86:db:ee:1d:a1:
f3:58:9b:37:5a:66:2d:7f:74:0c:5d:e8:ad:e3:cf:df:10:fd:
13:97:d9:83:51:cb:1e:d2:c0:ad:d6:0f:d0:8f:e2:e0:d1:35:
6b:dc:13:78:28:3d:ee:25:40:29:8c:2a:67:09:90:ca:75:e4:
c1:a1:7c:3f:a1:3d:a6:14:47:29:a8:a7:c4:dc:88:97:90:28:
a5:4b:4c:a2:ba:93:d2:b9:04:b3:f7:31:74:50:82:1b:a7:e8:
5f:a8:8e:6c:ef:29:13:b1:71:7f:30:35:e2:62:c3:98:18:cd:
82:60:96:40:a5:76:52:c9:b7:f1:b5:9a:99:3d:8c:ae:ad:d2:
ea:19:72:5c:ec:f1:32:4b:05:02:80:36:4e:78:51:9a:95:28:
d9:36:58:d9:5d:57:9d:3c:a8:b0:c7:fe:70:85:07:b6:2d:14:
cb:6a:6b:5b:b9:fe:82:1b:0e:a2:15:52:25:92:ae:d3:b7:7c:
6d:2f:43:48:70:2f:b7:a1:3e:39:e4:6d:0b:6e:9e:00:2d:ac:
44:07:44:2e:33:64:0a:d8:f6:83:b8:30:13:e4:46:f3:da:2b:
ac:cd:01:40
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUC4KGsw7xoJNpwZ5SN68VTYJx9oAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yMzEwMDIwMDAwMDBaFw0yMzExMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxMGQ3NzllOWQ1YzQ4OThlZjNhMjM1N2U3YmNmZTFiZWIwMGYyNGM2OGY1
NTY1MzdmZWJhMDc3ZGM3YmViODUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlkMMWQ4TZCd5Z7vV7WZsJ/VT185XLIbmCrhRBY6yMsu90VhRHgeCLZ4LnU
bHcg5Q0NRD1yJMoLQXfSM8t+c7yeeuK5NYPklk1GFelyj5OTNzd+Zt3Eg/RopoEo
A7TZ2Jlnj79JtaJZ8hLfgYhYjkYwyYex3gHu4HfAnO4j6gmxLaizjOcXWQVOlDEP
bNfcjOZkdE1aqMeQusBPXsrBZn1gJZk/KwEU4/79hZt4248JMj7A0otWZGkhSle7
AjAxFUgvSuXUG9aU4fh6uTYWRN9XzHtU5tIsOGQ8NuzmcAf5rHpwignLJJLMXVJw
9KK+nIoLRQTuZLQRoQPK6dcbkSUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTmhoXr
JtjFxbqn8H7bfGnqli6EyDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQDXInEOtJrT55OJ5fZBTsbtqtpioT7XnosVG1/PG5tV
htvuHaHzWJs3WmYtf3QMXeit48/fEP0Tl9mDUcse0sCt1g/Qj+Lg0TVr3BN4KD3u
JUApjCpnCZDKdeTBoXw/oT2mFEcpqKfE3IiXkCilS0yiupPSuQSz9zF0UIIbp+hf
qI5s7ykTsXF/MDXiYsOYGM2CYJZApXZSybfxtZqZPYyurdLqGXJc7PEySwUCgDZO
eFGalSjZNljZXVedPKiwx/5whQe2LRTLamtbuf6CGw6iFVIlkq7Tt3xtL0NIcC+3
oT455G0Lbp4ALaxEB0QuM2QK2PaDuDAT5Ebz2iuszQFA
-----END CERTIFICATE-----
Generated at Mon Oct 2 15:24:42 2023 by rpki-client on console-fra.rpki-client.org